Both Node::insertedIntoTree() and Node::insertedIntoDocument() are
served as lifecycle callbacks which are invoked when a node is
inserted into its new parent. There are also removedFromTree()
and removedFromDocument() respectively. Considering that this pair
of virtual functions are laid onto the hot path, it's worth
merging them into one, to gain some speedup. Such
unification could clarify the semantics as well.

This change makes following change to merge these functions.

pulling the tree traversal out from ContainerNode to ChildNodeInsertionNotifier.

letting new Node::insertInto() do the job for its own, but not
for its children and

Pass the parent of each insertion root as a parameter of insertedInto().
This root node can tell inserted node where it is inserted,
specifically whetehr the insertion is to the document or not.

Same pattern is also applied to Node::removedFromDocument() and
Node::removedFromTree(), which are factored to Node::removedFrom()
and ChildNodeRemovalNotifier respectively.

Speed up on Dromaeo/dom-modify.html is about 2%.
Further speed-up by de-virtulization would be possible.

Caveat:

There is possible situation where a node need to invoke
insertedInto() after its children is nofitied, instead of before
that. It was represented naturally with previous
traversal-by-ContainerNode pattern, but is no longer simple with
this new external traversal. To support this scenario, we
introduced the InsertionNotificationRequest as a return value of insertedInto()
and a supplemental hook Node::didNotifyDescendantInseretions(). See for
example HTMLFormElement.cpp to learn how it works.

LocalizedNumberICU.h contains only ICULocale class. It should be
named as ICULocale.h. We're going to move some functions in
LocalizedDateICU.cpp and LocalizedCalendarICU.cpp to ICULocale,
and add unit tests for them.

WebGLLayerChromium used to be responsible for the readback path for software painting WebGL canvases (for
printing, etc), but this path no longer has any compositor interaction. This moves the code into
DrawingBufferChromium which is responsible for managing the front / back buffers for WebGL.

Adds implementation of WebVideoLayer and ports WebMediaPlayerClientImpl over to using it.
WebMediaPlayerClientImpl still exposes a WebCore::VideoLayerChromium* to the compositor via the platformLayer()
interface, but this is temporary until we can change the PlatformLayer typedef over to WebLayer.

(WebCore::InsertionPoint::isActive):
A new public method for checking whether an insertion point is active or inactive.
If active, returns true. Otherwise, false.
(WebCore::InsertionPoint::isShadowBoundary):
Make the method consider whether an insertin point is active or inactive.
(WebCore::InsertionPoint::rendererIsNeeded):
Changed to return true If an insertion point is inactive.
(WebCore::InsertionPoint::attach):
Changed to call only HTMLElement::attach If an insertion point is inactive.
(WebCore::InsertionPoint::detach):
Changed to call only HTMLElement::detach If an insertion point is inactive.

html/shadow/InsertionPoint.h:

(InsertionPoint):
Added isActive public method.

dom/NodeRenderingContext.cpp:

(WebCore::NodeRenderingContext::NodeRenderingContext):
Changed to take into account an insertion point's activeness when parent is an insertion point.
(WebCore::NodeRenderingContext::firstRendererOf):
(WebCore::NodeRenderingContext::lastRendererOf):
Changed to take into account an insertion point's activeness.

Because existing node flags which indicate the class of each node
are mutually exclusive, these flags can be represented as a enum.
This patch introduces Node::NodeTypeTag to turn these flags into a
enum, and embeds it into Node::m_nodeFlags.

It should not be possible to make a rect in layer space that is clipped
by the camera but for which the screen space transform gives a
rectilinear output. But use consistent methods for checking that the
result remains enclosed within the actual pixels.

One day when clipped is true, we can find an interior axis-aligned rect
within the clipped result, and checking clipped explicitly makes this
more clear.

In an effort to prevent misuse, we previously decided to have borderBoxRect return a
pixel-snapped IntRect. This is because borderBoxRect returns a rect that's positioned
at (0,0), and therefore won't snap to the same size as the element it's covering.

There are a couple uses of borderBoxRect that don't pixel snap the values and require
sub-pixel precision. This patch adds a pixelSnappedBorderBoxRect that makes the snapping
explicit, and moves uses that would otherwise pixel snap the rect to this version to
avoid producing a rect of the incorrect size. For details about pixel snapping with
LayoutUnits, please see ​https://trac.webkit.org/wiki/LayoutUnit

Refactored building the stack trace to so that we can construct
it earlier, and don't rely on any prior work performed in the
exception handling machinery. Also updated LLInt and the DFG to
completely initialise the callframes of host function calls.

When a page with a full-frame plug-in is restored from the page cache, it needs to re-fetch the plug-in stream.

Fix this by breaking the assumption that a plug-in will always get its data from WebCore if it's a full-frame plug-in;
instead it only get its data from WebCore if it's a full-frame plug-in that's not being restored from the page cache.

Screen shift down when VKB shows by clicking in a input box MKS_3601371
PR #149846

Reviewed by Rob Buis.

After switching from ScrollView::canOverscroll to ScrollView::constrainsScrollingToContentEdge
we had a less restricted code path allowing/disallowing overscrolling. That caused
some webpages like google.com to get on overscroll when adjusting the scroll
position to ensure the focused input field is visible.

Patch restricts the way we allow overscrolling to the bottom, where the virtual
keyboard pops up from, clamping it to 0, 0 if it tries to
overscroll upwards, and to maximum scroll position if it overscrolls
downwards.

UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::printFrame): When printing is
initiated by WebProcess, all messages from UI process are sent synchronously to
avoid being queued, and so should EndPrinting.

If a layer becomes composited because it needs to clip composited
descendants, or if it has perspective, then it doesn't actually
needs its own backing store; its contents can be painted by an
ancestor, and we can just have an empty layer that does the clipping
or applies the perspective transform.

Individual WebBackForwardListProxy's had no idea which items are associated with them.
This adds that association and makes sure the proxy removes all associated items from the PageCache when it closes.

WebProcess/WebPage/WebBackForwardListProxy.cpp:

(WebKit::WebBackForwardListProxy::removeItem): Remove the item from the PageCache in case it was in it.
(WebKit::WebBackForwardListProxy::addItem): Add the item ID to this back/forward list's set of associated IDs.
(WebKit::WebBackForwardListProxy::close): Remove each associated item from the PageCache.

Remove delegation of mousewheel events from lower timeline pane to the timeline overview. This disables
support for moving overview window with horizontal swype over lower timeline pane, thus removing
an irritating situation when we try to both change overview window and scroll lower timeline pane
upon a single touchpad gesture. Those willing to move timeline window now would need to position
mouse over overview.

Moved the GStreamer initialization logic to a new
GStreamerUtilities module, used by the MediaPlayer and the
AudioContext. I also removed the static variables as
gst_init_check already handles cases where it's called multiple
times.

GL_BGRA is not defined in GLESv2, so it causes build-break at readRenderingResults.
To resolve this, a helper function readPixelsAndConvertToBGRAIfNecessary is added
in GC3DOpenGL.cpp & GC3DOpenGLES.cpp and it's used in GC3DOpenGLCommon.cpp.
And some other issues to build with GLES are gone with this patch.

CSS class and id selectors are case insensitive in non-strict modes. The code
that invalidated the scope elements used getElementByID() which is case
sensitive in all modes. As a result we would fail to invalidate elements
that would match a style rule but used different case in id.

The new code invalidates by crawling the DOM tree. This often (when there are classes)
actually faster than the existing code as we can now handle everything in a single pass.
Each class scope required a crawl with the old code.

The code uses the same functions as the selector matching code to get the same behavior.

The maximum class limit is lifted as number of classes does not affect complexity anymore.

Added the interface function didReceivedAuthenticaitonChallenge()
in interface class DumpRenderTreeClient;
Called m_dumpRenderTree->didReceiveAuthenticationChallenge() in
WebPagePrivate::authenticationChallenge() when DRT is enabled.

Descriptors of form n-b or -n-b, where b is number, are valid CSS identifiers.
However, in NthChildMode we need to check whether this identifier is a valid nth child descriptor.
The original code only checked this if the string was n- or -n- but this is not enough.
We need to check everything which starts with an n- or -n- prefix.

(JSObject):
(JSC::JSObject::setPropertyStorage): "Atomically" sets the new property storage
and the new structure so that we can be sure a GC never occurs when our Structure
info is out of sync with our PropertyStorage.
(JSC):
(JSC::JSObject::putDirectInternal): Moved the check to see if we should
allocate more backing store before the actual property insertion into
the structure.
(JSC::JSObject::putDirectWithoutTransition): Ditto.
(JSC::JSObject::transitionTo): Ditto.

(JSC::Structure::shouldGrowPropertyStorage): Lets clients know if another insertion
into the Structure would require resizing the property backing store so that they can
preallocate the required storage.
(Structure):

When setFixedVisibleContentRect is called we mark all fixed elements in the frame for layout.
In order to find these elements, RenderView maintains a list of fixed elements.
They are added and removed at the same time that they are added and removed from their parent RenderBlock.
The idea is taken from the iOS5.1 branch, at opensource.apple.com.
Added a manual test that allows removing and adding fixed elements at will.

Turn on the flag setFixedElementsLayoutRelativeToFrame. This causes fixed elements position to be calculated based on
visibleWidth and visibleHeight. When zoom level grows, the visibleWidth and visibleHeight become smaller.

We have two different types of requestContent methods: one on the source mapping level and one on the resource level.
There are also adapters between the two. I'm aligning it all to a single requestContent method declared in ContentProvider.

src/AutofillPopupMenuClient.h: Removed m_separatorIndex because now we use itemID to identify separators.

Added m_useLegacyBehavior which is true when it is initialized with a valid separator index. This is to keep
the autofill working even when the chromium side hasn't been updated yet.
(AutofillPopupMenuClient):

Several fragments of code in TypingCommand can be also used by DictationCommand. So this patch
introduced a new class, TextInsertionBaseCommand. It's a subclass of CompositeEditCommmand, and
base class of both TypingCommand and DictationCommand.

This patch also extends InsertTextCommand class. Its constructor will take an TextInsertionMarkerSupplier
object. After text is inserted to a node, InsertTextCommand would give marker supplier a chance to
add document markers to the inserted text.

CMakeLists.txt:

GNUmakefile.list.am:

Target.pri:

WebCore.exp.in:

WebCore.gypi:

WebCore.vcproj/WebCore.vcproj:

WebCore.xcodeproj/project.pbxproj:

dom/Document.cpp:

(WebCore::eventTargetNodeForDocument): Moved this function from EventHandler so that it can be used

by AlternativeTextController.

(WebCore):

dom/Document.h:

(WebCore):

dom/DocumentMarker.cpp:

(WebCore::DocumentMarker::DocumentMarker): New constructor that takes a pointer to DocumentMarkerDetails object.
(WebCore):

This removes all knowledge of CCLayerImpl from LayerRendererChromium. The most significant move code-wise is
moving the HUD up to live on CCLayerTreeHostImpl, since it's aware of the layer tree. This involves two changes.
First, CCHeadsUpDisplay is in charge of populating a ManagedTexture but the actual drawing code now lives in
LayerRendererChromium. Second, since we don't recreate CCLayerTreeHostImpl on a lost context, the font atlas
ownership is much simpler. Now a CCFontAtlas is created on the main thread if needed and passed asynchronously
to the CCHeadsUpDisplay which takes ownership of the atlas.

Currently the CSS parser calls to the Document and StyleSheetInternal objects to get settings, base URL etc.
The required information should be passed in on parser construction instead. The parser should not need to
know about the document at all.

The patch adds CSSParserContext struct that captures the parsing context. StyleSheetInternal saves the
parsing context and reuses it for any further parsing.

If the same stylesheet source is parsed with an identical context then the resulting stylesheet structure will
be identical. This will allow sharing parsed stylesheets in the future.

Remove the implicit assumption that a dataURL is the only desired output format
of the image encoding phase.

No new tests. Covered by existing canvas toDataURL tests.

platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::writeFunction): Rename closure to output.
(WebCore::encodeImage): Output the encoded image to the provided Vector<char>.
PNG format is only supported per the Cairo encoding MIMETypeRegistry.
(WebCore):
(WebCore::ImageBuffer::toDataURL): Refactor to use encodeImage().

Add a boolean flag indicating whether Bridge::initialize() has exited without receiving
a pointer to the peer object.

Modules/websockets/WorkerThreadableWebSocketChannel.cpp:

(WebCore::WorkerThreadableWebSocketChannel::WorkerContextDidInitializeTask::create):
(WebCore::WorkerThreadableWebSocketChannel::WorkerContextDidInitializeTask::WorkerContextDidInitializeTask):
(WebCore::WorkerThreadableWebSocketChannel::WorkerContextDidInitializeTask::performTask):
Kick mainThreadDestroy() to delete the peer if the bridge has failed to receive
a pointer to the peer (waitForMethodCompletion() exited due to message queue's
termination).
(WebCore::WorkerThreadableWebSocketChannel::Bridge::mainThreadInitialize):
(WebCore::WorkerThreadableWebSocketChannel::Bridge::initialize):

Modules/websockets/WorkerThreadableWebSocketChannel.h:

(WorkerThreadableWebSocketChannel):
Make WorkerContextDidInitializeTask an inner class of WorkerThreadableWebSocketChannel
so it can refer WorkerThreadableWebSocketChannel's static member function (mainThreadDestroy()).

Update CalendarPickerElement and MediaControlElements to use
pixelSnappedSize in preparation for turning on subpixel support.
Update RenderScrollbarPart to pixel snap rect before painting to ensure
that it is painted on device pixel boundaries.

WebProcess's default cache model is DocumentViewer. When DocumentViewer model is on,
the PageCache's capacity is set to 0. Tests that are enabling 'WebKitUsesPageCachePreferenceKey' expect
PageCache to be functional.

(WebCore::writeFunction): Return write success or failure with the appropriate
cairo status code per ​http://cairographics.org/manual/cairo-PNG-Support.html
(WebCore::ImageBuffer::toDataURL): Add mimeType ASSERT()s. <canvas> ensures that
a valid mimeType (supported by the port) is sent to toDataURL() calls. Check for
encoding failure and return "data:," if so.

When a LTH becomes invisible, the texture eviction is spread out across
two different functions and is not entirely clear. We move all the logic
together into a single place in didBecomeInvisibleOnImplThread() and
make the consequences of the current code more clear.

We remove the memory restriction on web pages based on viewport size
on desktop. This is causing pages that have complex use of layers to
end up hitting our memory limits, and moreso when the window is small.
Page complexity is not really a function of the viewport size.

We drop the mininum memory limit entirely, and just evict all
unprotected textures instead.

The named flow content nodes collection contains those nodes with webkitFlowInto property set to 'flow'.
In the list, the nodes are placed in document order. Nodes with display:none are also part of the list.
The list of nodes is returned as a static node list.

The content nodes are stored in RenderNamedFlowThread. The content nodes are added to the list in NodeRenderingContext::moveToFlowThreadIfNeeded
and removed from the list in Element::detach. When an element -webkit-flow-into property is changed, the element is detached and attached.
I have also added a bit in NodeFlags to mark that an element is part of a named flow (and the corresponding inNamedFlow/setInNamedFlow/clearInNamedFlow functions).

The goal of this test is to remind us whenever we add something to the
global scope. In practice, however, this test is a lot of work to
maintain because every port has different features enabled, which means
every port has a different list of things in the global scope. It's
very difficult to make changes without causing this test to go red on a
number of bots.

Rather than use this test to monitor the global scope, we're better off
paying attention to the IDL files. If folks are interested in changes
to what is exposed to JavaScript, they can subscribe to IDL changes
using a watchlist. (That's what I do, and it works pretty well.)

No new tests; DRT and WKTR don't have the infrastructure to test full-screen animation related bugs.

Instead of asking the media element whether it is in full screen or not, rely on when the media root element
was told that it enteredFullscreen() or exitedFullscreen(), which may occur at a different time than the
media element due to animations.

So that the media controls don't show up momentarily during full screen animations, call setAnimatingFullScreen(true)
before calling will{Enter,Exit}FullScreen(), so that the CSS rule for full screen animation will be in effect
immediately.

Similarly, call setAnimatingFullScreen(false) after calling did{Enter,Exit}FullScreen, so that the full screen media
controls don't momentarily appear at the end of an animation.

Regressed in r110409. When the -webkit-media-controls-panel were changed
from position:absolute to position:relative, this broke dragging of the
controls in fullscreen, which relies on the panel being absolutely positioned
to do its drag positioning. Change the way drag positioning is calculated to
accommodate position:relative.

An extremely large element causes problems with filters, either by
taking too long to compute the output or using too much memory. The
filter engine already has some constants for maximum expected size.
Make sure the render tree checks them before deciding to apply
effects.

As of today, any FrameView attached to the Widget-tree or any
RenderLayer whose corresponding RenderBox's style has a 'overflow'
property set to 'auto' is cached in its containing scrollable areas set.
We could be more restrictive about what we in fact want to
cache as scrollable areas, by checking if the element as an overflow
(i.e. more content than its viewport).

page/FrameView.cpp:

(WebCore::FrameView::setFrameRect):

Whenever the viewport changes, check if we have an scrollable/overflowed
content, and update the cache accordingly.

(WebCore::FrameView::setContentsSize):

Whenever the contents size changes, check if we have a scrollable/overflowed
content, and update the cache accordingly.

(WebCore::FrameView::calculateScrollbarModesForLayout):

Introduces a way to query for the scrollbars by only
taking into account the "rules" set by the web author.
For that, a new enum was added called SrollbarModesCalculationStrategy,
which allows callers to discard for example client-side scrollbar policies
in order to verify if a given frameview is scrollable or not.

(WebCore::FrameView::updateScrollableAreaSet):

Take into account various factors before considering a FrameView as
scrollable. If in the end it is, it gets added to its parent FrameView
scrollable areas map, otherwise removed.

(WebCore):
(WebCore::FrameView::addScrollableArea):

Became unneeded, thus removed.

(WebCore::FrameView::removeScrollableArea):

Whenever a FrameView is removed from the Widget-tree,
remove it from the cache.

Currently CSSParser sets usesRemUnits flag directly to Document. It should be set to
the stylesheet instead so parser does not need to know about the document. This also
avoids setting the flag unnecessarily when the stylesheet is not used.

Remove VideoFrameChromium wrapper and converts WebCore code to using the Platform WebVideoFrame API directly.
Some utility code that previously existed on VideoFrameChromium and only had one caller, such as doing
width/height adjustements for YV12 frames, is moved into the calling code (CCVideoLayerImpl).

[chromium] Now that the chromium port is using a different dom_storage backend
library in its main browser process, there are a handful of files that should no
longer be included in the build, and a few files than should be deleted
outright, and the webkit api should be modified to reflect the new (and smaller)
contract between the embedder and webkit/webcore.​https://bugs.webkit.org/show_bug.cgi?id=83807

Reviewed by Adam Barth.

Source/WebCore:

No new tests, existing tests apply.

WebCore.gyp/WebCore.gyp: Exclude several files from the WebCore/storage directory.

storage/StorageEventDispatcher.h: Delete a stale comment.

Source/WebKit/chromium:

WebKit.gyp: Delete a few files.

public/WebStorageNamespace.h: Remove some unused data members and methods, and annotate close() as deprecated.

public/platform/WebKitPlatformSupport.h: Annotate a method as deprecated.

(WebCore::CanvasRenderingContext2D::getImageData): Added this cover function that calls
through to getImageData with LogicalCoordinateSystem.
(WebCore::CanvasRenderingContext2D::webkitGetImageDataHD): Added. Calls through to
getImageData with BackingStoreCoordinateSystem.
(WebCore::CanvasRenderingContext2D::getImageData): Added a CoordinateSystem parameter to this
now-private function. It is passed through to ImageBuffer::getUnmultipliedImageData().
(WebCore::CanvasRenderingContext2D::putImageData): Added this cover function that calls
through to putImageData with LogicalCoordinateSystem.
(WebCore::CanvasRenderingContext2D::webkitPutImageDataHD): Added. Calls through to
putImageData with BackingStoreCoordinateSystem.
(WebCore::CanvasRenderingContext2D::putImageData): Added a CoordinateSystem parameter to this
function. It is passed through to ImageBuffer::putByteArray, and used to compute the rect to
invalidate after the drawing operation.

platform/graphics/ImageBuffer.h: Added a CoordinateSystem enum with the values

LogicalCoordinateSystem and BackingStoreCoordinateSystem. Added a CoordinateSystem parameter,
which defaults to LogicalCoordinateSystem, to getUnmultipliedImageData,
getPremultipliedImageData, and putByteArray.

(WebCore::ImageBuffer::getUnmultipliedImageData): Now uses the CoordinateSystem parameter to
decide whether to ask ImageBufferDaya::getData() to apply the resolution scale or not.
(WebCore::ImageBuffer::getPremultipliedImageData): Ditto.
(WebCore::ImageBuffer::putByteArray): Now uses the CoordinateSystem parameter to decide
whether to maintain the resolution scale while drawing or not.
(WebCore::ImageBuffer::toDataURL):

Unskip PageLoad directory and skip tests that load too fast (less than 100ms) and are unstable,
and the ones that take too long to load (more than 20s).

Skipped:

Tools:

Add support for page loading tests. These are tests without any test running harnesses, and we use
DriverOutput's test_timeout to measure the loading time.

Extracted PerfTest.run and PerfTest.run_failed from PerfTestRunner._run_single_test.

Scripts/webkitpy/performance_tests/perftest.py:

(PerfTest.run):
(PerfTest):
(PerfTest.run_failed):
(PerfTest.parse_output):
(PerfTest.output_statistics):
(ChromiumStylePerfTest.parse_output):
(PageLoadingPerfTest): Added.
(PageLoadingPerfTest.init):
(PageLoadingPerfTest.run): Run the driver 20 times to get the statistics for the loading time.

The last item that was needed to make the CCHeadsUpDisplay work in
threaded compositing mode was to remove the font rendering code
used on the impl-side thread. To solve this, this patch adds a
CCFontAtlas that is initialized on the main thread (where the font
rendering takes place). Then, when the HUD draws text on the impl
thread, it uses the font atlas directly.

This is a regression from r110072. I wrongly thought we should call ensureLayer if we create our RenderOverflow.
However the current overflow code removes the before and start overflows (like in horizontal writing mode with ltr direction,
we never have a top or a left overflow). Because of that we would not get a RenderLayer as expected and the overflow clip rects
would be wrong on our RenderLayer children.

rendering/RenderBox.cpp:

(WebCore::RenderBox::addLayoutOverflow):
Moved the ensureLayer() call after the check that we do have some overflow but before we remove the overflow in some directions.

When we stop in the inline script on reload, we should only show concatenated script content.
When we resume, we should replace UI source code with the actual HTML content. We should not attempt to
fetch resource content until request finished loading. I regressed it in the Request extraction
and now am bringing it back.

Revert the previous way of dealing with things. The problem is that different layers
would end up rounding in different directions, and would cause jittering between
layers or with the QQuickWebPage's background.

platform/graphics/texmap/TextureMapperGL.cpp:

(WebCore::TextureMapperGL::drawTexture):

Source/WebKit2:

Do the alignment on the highest level as possible: the QQuickFlickable content item
position. It already supports this with setPixelAligned which rounds the content item's position.

Also move the setClip(true) to the common constructor as this constructor is currently only used by WTR.

Remove setFlags(QQuickItem::ItemClipsChildrenToShape) as it is redundant with setClip(true).

There is a number of random properties created on Resource and NetworkRequest that represent various url
fragments. Display name is being based on them and sometimes requires fake Resource instance to be created.
This change (officially) introduces WebInspector.ParsedURL as a type that encapsulates this complexity.

This change also moves documentURL property into the Resource and NetworkRequest constructors and brushes up
factory methods used to create the objects.

This change extracts NetworkRequest from the Resource. It is now clear that these two
should have super class that would be responsible for parsing URL and would define the
requestContent signature. Corresponding patch will follow.

WK2 has compositing mode on all the time, while Wk1 turns it on only when
the page has composited content. This patch ensures that, when delegates scrolling behavior
is changed, backing stores are cleared only when there's an actual composition,
similarly to what CachedFrame does.

We were manually including the directories needed from WTF, instead of
using the WEBKIT qmake variable to add dependencies, which also adds
other tricks from WTF.pri, such as the right include paths for ICU.

As part of auditing all the ways of kicking off a navigation, I
happened to read JSDocument::setLocation, which uses very old patterns.
This patch updates it to do things the "modern" way. There shouldn't
be any behavior change.

On Mountain Lion overlay scrollbars have a new expanded mode. In expanded mode the scrolllbar is slightly wider which causes the tickmarks to look incorrect. Fix was to explicitly enter expanded mode to get the correct look.
Screenshots:
broken: ​http://i.imgur.com/PDKYH.png
fixed: ​http://i.imgur.com/utp0Y.png

platform/chromium/ScrollbarThemeChromiumMac.mm:

(WebCore::ScrollbarThemeChromiumMac::paint): Called setExpanded if API is available.

Adds background filters to LayerChromium/CCLayerImpl. These filters are
applied to any pixels in the contents behind the layer and seen through
it.

This is done by adding a backgroundTexture() to the render surface, which
holds the read-back contents of the target framebuffer, background filter
applied, in the surface's own coordinate space. Then this is drawn back
into the frame buffer before the contents of the surface itself is drawn.

V8DOMWindowShell::setLocation is only used by document.location. It's
more direct for document.location to call Location::setHref directly.
This integrates correctly with the navigation rules for
<iframe seamless>.

Preparing the functions that live in LengthFunctions for sub-pixel layout, which entails
using and returning LayoutUnits instead of integers. There are a number of rendering
classes that are laid out using integers -- see ​https://trac.webkit.org/wiki/LayoutUnit
for details -- so this also adds integer-specific versions of the length functions for
explicit use in those classes.

No new tests. No change in behavior.

css/LengthFunctions.h:

(WebCore): Using LayoutUnits for sub-pixel precision and adding integer-specific versions
of minimumValueForLength and valueForLength that truncate.

This patch aligns the internal state representation of the FrameLoader
more closely with the HTML5 spec. Both the null string and "_self"
represent self-navigation, but the HTML5 spec distinguishes them when
navigating seamless iframes. In that case, "_self" is explicit
self-navigation, whereas a null string will get redirected to the
"master" frame (the closest enclosing non-seamless frame).

Extracted PerfTest and ChromiumStylePerfTest from PerfTestRunner. This class abstracts a test
that was previously represented by a tuple.

Also moved the logic to determine whether a given test is chromium style or not from run() to
_collect_tests(). And moved the output parsing algorithms for parser style and chromium style
tests from PerfTestRunner to PerfTest and ChromiumStylePerfTest respectively so that we may
add new types of tests more easily.

Remove VideoFrameChromium wrapper and converts WebCore code to using the Platform WebVideoFrame API directly.
Some utility code that previously existed on VideoFrameChromium and only had one caller, such as doing
width/height adjustements for YV12 frames, is moved into the calling code (CCVideoLayerImpl).

This patch improves replaceUsingStringSearch() with the following:
-Add a special case for single character search, taking advantage of the faster WTF::find().
-Inline replaceUsingStringSearch().
-Use StringImpl::create() instead of UString::substringSharingImpl() since we know we are in the bounds

by definition.

This gives less than 1% improvement for the multicharacter replace.
The single character search show about 9% improvement.

Before this patch, window.open called FrameTree::find and
Document::canNavigate separately. This patch refactors the code to
call FrameLoader::findFrameForNavigation, which does both. This
refactoring prepares window.open to understand seamless navigation,
which will happen in findFrameForNavigation.

Convert layout test resource PNGs to sRGB. Some tests, such as
compositing/color-matching/image-color-matching.html, expect that
images with an RGB profile will not be altered when displayed. However,
some of the resources have RGB profiles that are different from sRGB
and actually should change when displayed with color profile support.

Shipping versions of iAd Producer rely on the pre-r102262 behavior of
respecting '!important' when specified in a CSSStyleDeclaration
property setter. Restore this quirky behavior for versions of the app
that expect it.

WebCore.exp.in: Export

Settings::setShouldRespectPriorityInCSSAttributeSetters().

bindings/js/JSCSSStyleDeclarationCustom.cpp:

(WebCore::JSCSSStyleDeclaration::putDelegate): If
setShouldRespectPriorityInCSSAttributeSetters() is true, restore the
pre-r102262 behavior wherein we attempt to parse '!important' out of
the property value.

version of WebKit.framework to ignore '!important' in
CSSStyleDeclaration property setters.

WebView/WebView.mm:

(shouldRespectPriorityInCSSAttributeSetters):
(-[WebView _commonInitializationWithFrameName:groupName:]): Enable a
quirk to restore pre-r102262 behavior if the application is iAd Producer
and was linked against a version of WebKit.framework that had the old behavior.

Make it possible to build WebKit1 with v8.
WebKit2 is not covered yet so it need to be disabled.
To build webkit with --v8 one need a qtjsbackend with
an up-to-date copy of v8. Thanks to Peter Varga such
a public repository is available on gitorious:​https://qt.gitorious.org/~stampho/qt/stamphos-qtjsbackend.

This patch contains some build fix with !ENABLE(INSPECTOR)
from it's previous version. These are not necessary now
but I kept them because they makes sense.

For V8 we need to set a flag on the WrapperTypeInfo since V8 uses FunctionTemplates which
does not allow setting the prototype to a non FunctionTemplate so the prototype is therefore
set when the constructor is created.

For JSC we just pass the right prototype object when creating the NodeList prototype. JSC has
a bug (81588) that prevents toString to work as specced on Array.prototype.toString. This
causes test failures in the tests until that has been fixed.

Source/WebCore:

Test: fast/dom/NodeList/node-list-array-class.html

bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader): Include ArrayPrototype.h if an ArrayClass.
(GenerateImplementation): If ArrayClass use arrayPrototype as prototype.

bindings/scripts/CodeGeneratorV8.pm:

(GenerateNamedConstructorCallback):
(GenerateImplementation): Adds a flag to the WrapperTypeInfo.

bindings/scripts/IDLAttributes.txt:: Adds new attribute: ArrayClass.

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObj::createPrototype):

bindings/scripts/test/JS/JSTestObj.h:

bindings/scripts/test/TestObj.idl:

bindings/scripts/test/V8/V8Float64Array.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestEventConstructor.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestEventTarget.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestInterface.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestNamedConstructor.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestNode.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestObj.cpp:

(WebCore):

bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:

(WebCore):

bindings/v8/NPV8Object.cpp:

(WebCore::npObjectTypeInfo):

bindings/v8/V8BindingPerContextData.cpp:

(WebCore::V8BindingPerContextData::init): Get the array prototype too.
(WebCore::V8BindingPerContextData::createWrapperFromCacheSlowCase):
(WebCore::V8BindingPerContextData::constructorForTypeSlowCase): If this is an ArrayClass we need to
set the [[Prototype]].

This patch modifies RenderText so that it scans all of its characters up front to
determine whether or not the simple code path can be used for measurement/rendering
of the text for the whole run.

TextRun now has an additional field that indicates that the character scan is not
required, since the entire RenderText is known to be simple. This boolean is set
when constructing the TextRun from the places that make TextRuns from RenderTexts.

The character scan has been refactored into a static Font method so that it can be
called by RenderText. The scan of individual TextRuns is also done using the same method
so that the code is shared.

AccessibilityObject::size was virtual with a number of overloads, but all the implementations were
redundant. Avoiding the virtual thunk and code duplication by declaring it non-virtual and only
implementing it in AccessibilityObject.

Also adding a pixelSnappedSize method that returns an IntSize, and using it in platform
accessibility code.

In order to support the behavior of pthread_mutex_trylock(), the Windows Mutex class includes
a recursion counter which is incremented in Mutex::lock(), decremented in Mutex::unlock(),
and checked in Mutex::tryLock(). If the mutex is "over-unlocked", the counter wraps around to
MAX_INT, and subsequent calls to Mutex::trylock() will fail. Raise an ASSERT in this situation
so the "over-unlock" will be caught.

This brings us up to spec with respect to when it's ok to call
cursor.continue() and the various behaviors around it:

If you call it more than once, continue() throws an exception.

The values of key/primaryKey/value are consistent, whether or not
continue has been called, meaning that if continue() results in
data being loaded from the backing store, that data does not
affect the cursor until the success callback has completed.

Calls to update() and delete() can happen before continue(), but
not afterwards.

Adding setCSSExclusionsEnabled/cssExclusionsEnabled that is true by default.
The CSS parser will not accept values for the exclusions properties when
cssExclusionsEnabled is false. However, you will still get the default value
in the computed style.

Updated the unit test to ignore the hours and minutes of the
localtime for time(0), since we can't easily guarantee which
timezone we're in or what timezone rules were in effect on
1/1/1970; this should be mostly fine since we can trust that
time.localtime() will work, although there is the possibility
that we'll screw up the time formatting of which field is the
hours and which is the minutes.

Source/WebCore: REGRESSION (r113233): fast/canvas/webgl/array-message-passing.html crashing on Lion and Snow Leopard bots.​https://bugs.webkit.org/show_bug.cgi?id=83427.
Due to incorrect merge by me when landing r113233, call to find got replaces with call to add in
checking for duplicates in ObjectPool when serializing.

To leave room for the radical sign and absolutely positioned "index", we switch to using
intrinsic padding. RenderMathMLRoot.cpp is also cleaned up and prepared for merging with
RenderMathMLSquareRoot.cpp. The base and index are no longer wrapped in extra renderers,
and the child renderers are now in the same order as in the DOM. Some padding/placement
terms are unified and debugged.

The JSON sent over from the remote Web Inspector front-end was being
mis interpreted as ISO-8859-1. This caused all non ascii characters to
become garbled when using the String constructor, so we use fromtUTF8 instead.

The test had an arbitrary performance expectation to start playing in 200 ms,
which caused the layout test to fail for Chromium when the Chromium's
audio buffer size increased.
This CL removes that expectation and fixes some HTML and grammar mistakes.

A difference between Dictionary and JSDictionary makes it difficult to merge the two together and avoid
creating a confusing API. The boolean returned by Dictionary::get() represents whether the
property was found. The boolean returned by JSDictionary::tryGetProperty() represents whether an
exception was thrown.

(WebCore::JSDictionary::isValid):
(WebCore::JSDictionary::tryGetProperty): Convert to a const function.
(WebCore::JSDictionary::get): Similar to tryGetProperty(), but returns true if the
property was found, converting the value succeeded and the out parameter "result" was set.
(WebCore::JSDictionary::tryGetPropertyAndResult): Refactor tryGetProperty() to return the enum directly.

Re-speed up text selection. The previous patch had a merge
error causing text selection not to function. The fix
implemented removed the optimization. This fixes the error
in the original patch and removes the temporary fix.

Before setting the scrollPositionDelta to a fixed layer, check if it has an ancestor which also has fixed position.
If it does, do not set scrollPositionDelta.
Added a flag to TextureMapperLayer and GraphicsLayerTextureMapper indicating if it is a fixed position layer.

This will hopefully simplify gardening tasks. The tests without
bug entry have been marked with BUGWKGTK and the most problematic
suites (mostly for unimplemented or heavily unreliable features
(inspector)) have been SKIP flagged.

Up until now, fonts in the Qt port have been handled via
the QFont API. QRawFont offers a lower-level API enabling
us to be more in line with what other WebKit ports do.
This patch proceeds to switching over to QRawFont, and
effectively use an earlier change by Andreas Kling
that remained guarded up until now.

When delegate scrolling is on, the frame view needs to ignore scrolling offset when converting
coordinates. It is already done at ScrollView base class and this patch copies the logic to the
FrameView subclass.
Also make sure that TouchAdjustment's findBest*() functions' return value are not ignored by the caller.

When delegate scrolling is on, the frame view needs to ignore scrolling offset when converting
coordinates. It is already done at ScrollView base class and this patch copies the logic to the
FrameView subclass.
Also make sure that TouchAdjustment's findBest*() functions' return value are not ignored by the caller.

(WebKit::WebViewImpl::WebViewImpl): Initialize m_pagePopup.
(WebKit::WebViewImpl::handleKeyEvent):
Renamed from keyEvent(). Forward key events to a PagePopup if it is open.
(WebKit::WebViewImpl::handleCharEvent):
Renamed from charEvent(). Forward char events to a PagePopup if it is open.
(WebKit::WebViewImpl::openPagePopup):
Added. Instantiate a WebPagePopupImpl, calculates a good bounding
rectangle of the page popup from the specified element rectangle,
initialize the WebPagePopupImpl, and stop caret blink.
(WebKit::WebViewImpl::closePagePopup):
Close the popup, clear m_pagePopup, and resume caret blink.
(WebKit::WebViewImpl::setFocus): Hide all the popups.
(WebKit::WebViewImpl::hidePopups): Hide the page popup too.

Canonical image mimeTypes begin with "image/", and this is tested by an ASSERT
guard in toDataURL(): that checks the WebCore mimeType registry for image-for-
encoding mimeType. There is no need to also test mimeType.startsWith("image/")
since that is a given.

In order to share code in WebViewImpl and the incoming WebPagePopupImpl,
we move some code of WebViewImpl and WebFrameImpl to PageWidgetDelegate.
PageWidgetDelegate is a set of static functions because we can't use
virtual inheritance in this case and we don't want to move WebView's
data members to another class.

No new tests. Just refactoring.

WebKit.gyp: Add PageWidgetDelegate.{cpp,h} and WebPagePopupImpl.h.

src/PageWidgetDelegate.cpp: Added.

(WebKit::mainFrameView):
(WebKit::PageWidgetDelegate::animate):
Moved from a part of WebViewImpl::animatie()
(WebKit::PageWidgetDelegate::layout):
Moved from WebViewImpl::layout() and WebFrameImpl::layout().
(WebKit::PageWidgetDelegate::paint):
Moved from WebFrameImpl::paint() and paintWithContext().
(WebKit::PageWidgetDelegate::handleInputEvent):
Moved from a part of WebViewImpl::handleInputEvent().
(WebKit::PageWidgetEventHandler::handleMouseMove):
Common implementation of an event handling.
(WebKit::PageWidgetEventHandler::handleMouseLeave): ditto.
(WebKit::PageWidgetEventHandler::handleMouseDown): ditto.
(WebKit::PageWidgetEventHandler::handleMouseUp): ditto.
(WebKit::PageWidgetEventHandler::handleMouseWheel): ditto.
(WebKit::PageWidgetEventHandler::handleTouchEvent): ditto.

src/PageWidgetDelegate.h: Added.

src/WebFrameImpl.cpp:

Remove layout(), paintWithContext(), and paint(). They are moved to
PageWidgetDelegate.